Commit Graph

3578 Commits

Author SHA1 Message Date
Malte Poll
4e07965e87 bazel: disable local repository and disk cache 2023-11-10 18:15:59 +01:00
Malte Poll
b29b970c36 deps: remove dangling symlinks from libvirt-libs 2023-11-10 18:15:59 +01:00
Malte Poll
84cd22b6ee bazel: add buildbarn toolchain (Ubuntu 22.04) 2023-11-10 18:15:59 +01:00
Malte Poll
955c16a57d deps: upgrade rules_nixpkgs 2023-11-10 18:15:59 +01:00
Malte Poll
8d5ce524d5 bazel: add bazel itself as nixpkgs dependency 2023-11-10 18:15:59 +01:00
Malte Poll
bf06a014a4 bootstrapper: ignore "journald" not in $PATH in constructor
In unit tests, NewCollector may be called on systems that do not have
"journalctl" in $PATH.
We can defer checking if the command can work by not checking cmd.Err in
the constructor.
2023-11-10 18:15:59 +01:00
Adrian Stobbe
22d82a59ed
terraform: Terraform module for GCP (#2553) 2023-11-10 13:32:18 +01:00
Adrian Stobbe
b765231175
deps: bump Go to 1.21.4 (#2569)
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
2023-11-09 20:17:14 +01:00
Adrian Stobbe
c506991eb4
docs: fix tf links (#2570) 2023-11-09 12:51:02 +01:00
Daniel Weiße
e9eb75bb83
ci: dont run SNP version upload on v2.12.0 CLI tests (#2568)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-11-09 08:26:42 +01:00
Adrian Stobbe
cea6204b37
terraform: Terraform module for AWS (#2503) 2023-11-08 19:10:01 +01:00
Daniel Weiße
0bac72261d
ci: fix failure issue creation for Windows e2e test (#2565)
* Add missing bazel set-up in windows e2e-failure notify
* Enable bazel caching for e2e-upgrade test
* Remove whitespace

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-11-08 15:27:40 +01:00
Otto Bittner
b1b8571877 validation: use regex instead of dns lookup
Doing a DNS lookup may fail for domain names that are valid
but currently not assigned.
The old test also breaks inside the bazel sandbox.
2023-11-08 14:43:05 +01:00
Otto Bittner
8341db3c33 attestation: clear certificate cache in azure snp
The unittest was flacky as testcases with valid certs
in the getter property lead to those certs being cached
inside the trust module. Other testcases however,
may want to explicitly use invalid certs. The cache
interferes with this.

Co-authored-by: Moritz Sanft <ms@edgeless.systems>
2023-11-08 13:31:26 +01:00
katexochen
45df17d527 image: update measurements and image version 2023-11-08 11:40:07 +01:00
Daniel Weiße
32706f50f6
[Windows] cli: fix incorrect filepath separator causing upgrades to fail (#2562)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-11-08 10:26:02 +01:00
renovate[bot]
7eb28e4f6e
deps: update module github.com/google/go-tpm-tools to v0.4.2 (#2374)
* deps: update module github.com/google/go-tpm-tools to v0.4.2

* deps: tidy all modules

* remove go-tpm-tools replace

* deps: tidy all modules

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: edgelessci <edgelessci@users.noreply.github.com>
Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-11-08 09:09:00 +01:00
Daniel Weiße
273a6ba853
ci: use structured logging for all parts of the malicious-join test (#2557)
* Use structured logging for all parts of the test
* Fix malicious-join image build action

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-11-07 09:02:19 +01:00
Malte Poll
4fe51cd5f4
image: use dissect from nix (#2558) 2023-11-06 17:50:21 +01:00
Daniel Weiße
ac4ac6a148
cli: don't validate unused ownerID field (#2556)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-11-06 11:55:20 +01:00
Otto Bittner
b0ee39a96d ci: publish s3proxy chart during release 2023-11-06 10:21:11 +01:00
Otto Bittner
8ebd813480 s3proxy: ship as helm chart 2023-11-06 10:21:11 +01:00
Otto Bittner
afbe17b796 renovate: add regexManager for mint img 2023-11-06 10:21:11 +01:00
Otto Bittner
a19227cac9 s3proxy: initial e2e tests and workflows 2023-11-06 10:21:11 +01:00
Malte Poll
76d7d30245
ci: do not upload terraform logs (#2554) 2023-11-04 19:14:29 +01:00
Moritz Sanft
813405f080
ci: share e2e workflow (#2550)
* re-use workflow in internal LB e2e test

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add self-managed infra workfloww

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-11-03 16:27:28 +01:00
Moritz Sanft
744a605602
cli: state file validation (#2523)
* re-use `ReadFromFile` in `CreateOrRead`

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* [wip]: add constraints

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* [wip] error formatting

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* wip

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* formatted error messages

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* state file validation

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* linter fixes

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* allow overriding the constraints

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* dont validate on read

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add pre-create constraints

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* [wip]

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* finish pre-init validation test

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* finish post-init validation

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* use state file validation in CLI

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix apply tests

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* Update internal/validation/errors.go

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* use transformator for tests

* tidy

* use empty check directly

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* Update cli/internal/state/state.go

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* Update cli/internal/state/state.go

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* Update cli/internal/state/state.go

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* Update cli/internal/state/state.go

Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>

* conditional validation per CSP

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* tidy

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* fix rebase

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add default case

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* validate state-file as last input

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
2023-11-03 15:47:03 +01:00
Adrian Stobbe
eaec73cca4
cli: fix invalid upper case name on AWS (#2546) 2023-11-03 10:09:43 +01:00
katexochen
d67f1a035f image: update measurements and image version 2023-11-03 09:04:06 +01:00
katexochen
33ff6eb5ae image: update measurements and image version 2023-11-02 13:28:49 +01:00
renovate[bot]
8e00fb9fe1
deps: update golangci/golangci-lint to v1.55.1 (#2517)
* deps: update golangci/golangci-lint to v1.55.1
* deps: tidy all modules
* golangci-lint: exclude ginko/gomega imports
   from dot-imports rule

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-11-02 11:16:17 +01:00
Daniel Weiße
5267ad0f08
operator: always delete terminated pending nodes (#2545)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-11-02 10:39:13 +01:00
renovate[bot]
17b0915a10
deps: update docker/build-push-action action to v5 (#2531)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-11-02 10:13:14 +01:00
Daniel Weiße
625dc26644
cli: unify cloudcmd create and upgrade code (#2513)
* Unify cloudcmd create and upgrade code
* Make libvirt runner code a bit more idempotent

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-10-31 12:46:40 +01:00
Daniel Weiße
e8cf0f59bd
ci: force delete files on self-managed destroy (#2538)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-10-31 12:45:10 +01:00
Moritz Sanft
9a282df846
ci: separate logs and metrics indices (#2544)
* separate logs and metrics indices

* tidy
2023-10-31 12:09:27 +01:00
Moritz Sanft
0c03076181
add missing field (#2542) 2023-10-31 10:12:49 +01:00
Moritz Sanft
9a2587cfd8
increase period for Metricbeat (#2540) 2023-10-30 15:50:27 +01:00
Moritz Sanft
8d08ace0b5
ci: mark self-managed infrastructure tests (#2537)
* mark self-managed infrastructure tests

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>

* add TODO

---------

Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
2023-10-30 14:33:58 +01:00
Daniel Weiße
5f05810ad7
cli: only create Terraform client when needed (#2536)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-10-30 12:43:38 +01:00
katexochen
238a3c222b image: update measurements and image version 2023-10-30 11:23:12 +01:00
3u13r
618da92c7f
image: use all of cilium's sysctl overrides (#2532) 2023-10-30 11:19:58 +01:00
Moritz Sanft
21cfb40e98
docs: align self-managed infrastructure docs with e2e worfklow (#2525) 2023-10-30 10:56:10 +01:00
edgelessci
b76bd3dfcc
image: update locked rpms (#2535)
Co-authored-by: malt3 <malt3@users.noreply.github.com>
2023-10-30 09:31:05 +01:00
Daniel Weiße
a0863bafe7
cli: fix apply flag issues (#2526)
* Fix flag order
* Fix missing phases in flag parsing

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-10-30 09:30:35 +01:00
Daniel Weiße
e4d8bda792
cli: spinner for planning Terraform migrations (#2533)
* Remove mention of "changes below" for changes that are listed above the message
* Add a spinner for Terraform Plan action

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-10-30 09:19:35 +01:00
Moritz Sanft
78c5d09ae7
metricbeat: don't limit memory (#2534) 2023-10-30 08:02:20 +01:00
renovate[bot]
026ed5b642
deps: update module github.com/google/uuid to v1.4.0 (#2530)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-10-27 16:20:37 +02:00
Daniel Weiße
af36099c70 Revert "deps: update Terraform google to v5 (#2506)"
This reverts commit 37cda7f4f2.
2023-10-27 14:23:04 +02:00
Daniel Weiße
a321f839bc Revert "deps: update Terraform google-beta to v5 (#2507)"
This reverts commit cb11c8e297.
2023-10-27 14:23:04 +02:00